Are you running WordPress 4.2.0 to 4.5.1? Time to upgrade to 4.5.2!

It was recently discovered that WordPress versions 4.2.0 to 4.5.1 are vulnerable against a reflected XSS vulnerability in a specific WordPress SWF-file: flashmediaelement.swf. The could lead to leaked WordPress credentials, or be used as a stepping stone to more severe .

3 things you can do to your website:

  • Upgrade to WordPress version 4.5.2 as soon as possible.
  • the flashmediaelement.swf file (if you do not know how to proceed, the best option is to simply upgrade the WordPress-version).
  • A third option is to limit the allowed IP addresses to your office or VPN IP.

As always, we recommend you to run regular security tests on your website to keep up with all the latest vulnerabilities.

Stay safe!

Source link


Please enter your comment!
Please enter your name here